FEDORA-EPEL-2018-c887b5aaa9

security update in Fedora EPEL 7 for pagure

Status: unpushed

Rebase to Pagure 5.0.1 to move to a maintained Pagure version and fix CVE-2017-1002151, as well as many other issues.

Upstream changes with the rebase to 5.0.1:

  • The UI has been completely redesigned
  • Theming has been redesigned, and new themes are included as subpackages
  • Many new API endpoints have been added
  • Reworked how git hooks work to rely on a single file for efficiency
  • Expanded functionality included in the pagure-admin command

Consult the official Pagure documentation on upgrading to Pagure 5 from earlier versions.

Comments 13

This update has been submitted for testing by ngompa.

This update has obsoleted pagure-2.10.1-1.el7, and has inherited its bugs and notes.

ngompa edited this update.

ngompa edited this update.

ngompa edited this update.

This update has been pushed to testing.

Requires python-celery, which is not available.

karma: -1

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

I found same dependency issue.

karma: -1

python-celery is in Extras/Optional, so we can't ship it in EPEL.

Hmm, I stand corrected. I don't know where celery comes from.

[citation needed]

It does not seem to be mentioned in the JSON files in https://infrastructure.fedoraproject.org/repo/json/

Perhaps that's only in the upcoming RHEL 7.6? If not, what's the exact RHEL channel name?

This update has been unpushed.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
unpushed
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
-2
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
modified a year ago

Related Bugs 3

00 #1474269 CVE-2017-1002151 pagure: Private repositories accessible through ssh
00 #1474270 CVE-2017-1002151 pagure: Private repositories accessible through ssh [epel-7]
00 #1634318 pagure-5.0.1 is available

Automated Test Results